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What IS CLAIMED IS: 

A cryptographic device for securing data on a computer 
comprising: 

a processor programmed to authenticate a plurality of users 
n the computer network for £ecure processing of a value bearing 
item; 

a memory for storirig security device transaction data for 
ensuring authenticity of a/ user, wherein the security device 
transaction data is related to the one of the plurality of users; 

a cryptographic engine for cryptographically protecting 

data; and 

an interface . for Communicating with the computer network. 



2. The cryptographic/ device of claim 1, wherein the processor 
.is programmed to verify that the identified user is authorized to 
assume a role and perform a corresponding operation. 



3. The cryptographic device of claim 2, wherein the assumed 
role is a key custodian rqfle to take possession of shares of keys, 



4 . The cryptograph 
role is an administrator 
database . 

5 . The cryptograph 
role is a provider role 
account . 



6. The cryptograph 
role is a user role to per 



7 . The cryptograph 
stored secret for 



cryptogiaph 



ic device of claim 2, wherein the assumed 
role to manages a user access control 



ic device of claim 2, wherein the assumed 
o authorize increasing credit for a user 



Lc device of claim 2, wherein the assumed 
form expected IBIP postal meter operations. 



ic device of claim 1 further comprising a 
ically protecting data. 
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8. The cryptographic device of claim 1, whereir/ the secret is 
a password. / 

9. The cryptographic device of claim 1, wherein the secret is 
a public/private key pair. / 

10. The cryptographic device of claim A, wherein the processor 
is programmed to include a state machine/ for determining a state 
corresponding to availability of commands in conjunction with the 
roles. / 

11. The cryptographic device/of claim 1, wherein the processor 
is stateless. / 

12. The cryptographic device of claim 1, wherein the processor 
is programmed to prevent unai/thorized and undetected modification of 
data . / 

13. The cryptographic device of claim 1, wherein the processor 
is programmed for preventing unauthorized disclosure of data. 

14. The cryptographic device of claim 1, wherein the processor 
is programmed to isnsure proper operation of cryptographic security 
and VBI related meter functions . 

15. Ther cryptographic device of claim 1, wherein the processor 
is programmed for providing indications of an operational state of a 
VBI meter./ 

16/ The cryptographic device of claim 2, wherein the processor 
is programmed for supporting multiple concurrent users and 
maintaining a separation of roles and operations performed by each 
user. 




-87- 



1 39778/RRT/S850 

17. The cryptographic device of claim 1, wherein the processor 
stores information about a number of last transactions in an inteamal 

5 register and compares the information saved in the register wi^h the 
information saved in a memory before loading a new transaction data. 

18. The cryptographic device of claim 17, wherein the memory 
includes data for creating indicium, account maintenance, and revenue 

10 protection. 

19. ■ The cryptographic device of claim 1/ wherein the value 
bearing item is a postage value including a postal indicium. 



15 20. The cryptographic device of cl^fm 19, wherein the postal 

indicium comprises a digital signature. 



21. The cryptographic device claim 19, wherein the postal 
indicium comprises a postage amount 

22. The cryptographic de/ice of claim 19, wherein the postal 
indicium comprises an ascending register of used postage and 
descending register of available postage. 




25 23. The cryptographic device of claim 1, wherein the value 

bearing item is a ticket. 

24. The cryptographic device of claim 1, wherein the value 
bearing item includes a bar code. 



30 



25. The (Cryptographic device of claim 1, wherein the value 
bearing item i/s a coupon. 



26. /The cryptographic device of claim 1, wherein the value 
35 bearing Lcem is currency. 
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27. The cryptographic device of claim 1, wherein the ;va}/ue 
bearing item is a voucher. 



28. The cryptographic device of claim 1, wherein t 
bearing item is a traveler's check. 




value 



29. The cryptographic device of claim 1, wherein jeach security 
device transaction data includes an ascending register value, a 
descending register value, a, respective cryptographic device ID, an 
indicium key certificate serial number, a licensing ZIP code, a key 
token for an indicium signing key, user secrets, A key for encrypting 
user secrets, data and time .of last transaction, last challenge 
received from a respective client subsystem, /an operational state of 
the respective device, expiration dates fpfr keys, and a passphrase 
repetition list. 

30. The cryptographic device of^claim 1, wherein the processor 
is capable of sharing a secret/ with a plurality of other 
cryptographic devices. 

31. The cryptographic de/ice of claim 1, wherein the processor 
and the cryptographic engine ^generate a master key set (MKS) 

32. The cryptographic device of claim 31, wherein the MKS 
includes a Master Encryption Key (MEK) used to encrypt keys when 
stored outside the device. 



33. The cryptographic device of claim 32, wherein the MKS 
further includes a Master Authentication Key (MAK) used to compute a 
DES MAC for signing keys when stored outside of the device. 



34. The cryptographic device of claim 31, wherein the MKS is 
exported to otmer cryptographic devices . 
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/ 

/ 



35. The cryptographic device of claim 1, further comprising a 
memory including a user profile for a subset of the plurality of 

users . / 

/ 

/ 

36. The cryptographic device of claim 35, wherein the user 
profile includes username, user role, password, logon/f ailure count, 
logon failure limit, logon time-out limit, account expiration, 
password expiration, and password period ^/ 

/ 

37. The cryptographic device of claim/lO, wherein the state 
machine comprises of an uninitialized stated/an initialized state, an 
operational state, an administrative state, an exporting shares 
state, an importing shares state, and an error state. 



38. The cryptographic devi/fe of claim 37, wherein the 
operational state comprises mean's for access control, means for 

ession management, and means fo y r key management, and means for audit 
support , 

39. The cryptographic device of claim 1, wherein the 
cryptographic engine is p/ogrammed to perform one or more of Rivest, 
Shamir and Adleman (RSAj/ public key encryption, DES, Triple-DES, DSA 
signature, SHA-1, and /Pseudo-random number generation algorithms. 

40. The cryptographic device of claim 1, wherein at least one 
of the plurality dt users is an enterprise account. 

41. A metmod for securing data on a computer network including 
a plurality off users comprising the steps of: 

authenticating and authorizing the plurality of users for 
secure processing of a value bearing item; 

/storing a security device transaction data in a memory for 
ensuring Authenticity and authority of one of the plurality of users, 

/ 
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wherein the security device transaction data is related to the g>he of 
the plurality of users; and / 

including cryptographically protected data using/a. stored 

secret. 



42. The method of claim 41 further comprisipg the step of 
printing the value bearing item. 

43. The method of claim 41 further comprising the step of 
storing a plurality of security device 'transaction -data in a database 
wherein, each transaction data is related to/one of the plurality of 
users. 

44. The method of claim 43 further comprising the step of 
loading a security device transaction data related to the 
cryptographic device when the use/ requests to operate on a value 

^aring item. 

45. The method of claa&n 41 further comprising the steps of 
authenticating the identity of each user and verifying that the 
identified user is authorized to assume a role and to perform a 
corresponding operation. 

46. The methoca of claim 45, wherein the assumed role is an 
administrator roleyco manage a user access control. 

47. The rjrtethod of claim 45, wherein the assumed role is a 
provider role £o authorize increasing credit for a user account. 



48. The method of claim 45, wherein the assumed role is a user 
role to perform expected IBIP postal meter operations. 
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49. The method of claim 45, wherein the assumed ro^e is a 
security officer role for initiating key management function. 

50. The method of claim 45, wherein the assumed^role is a key 
custodian role to take possession of shares of keys- 

51. The method of claim 45, wherein the ^assumed role is an 
auditor role to manage audit logs. 

52. The method of claim 41, furthe^ comprising the step : of 
printing a postage value including a postal indicium. 

53. The method of claim 52,/ wherein the postal indicium 
comprises a digital signature. 

54. The method of claiij/ 52, wherein the postal indicium 
comprises a postage amount, 

55. The method of ^laim 52, wherein the postal indicium 
comprises an ascending .register of used postage and descending 
register of available postage. 

56. The methocy of claim 41, further comprising the step of 
printing a ticket. 

57. The method of claim 41, further comprising the step of 
printing a bar /code. 

58. TKe method of claim 41, further comprising the step of 
printing a/coupon. 

59/ The method of claim 41, further comprising the step of 
printing a currency. 
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60. The method of claim 41, further comprising the ster/ of 
printing a traveler's check. / 

5 / 

61. The method of claim 41, further comprising the step of 
printing a voucher. / 

62. The method of claim 41, further comprising the step of 
10 storing a user profile for a subset of . the plurality of users. 

63. The method of claim 62, wherein ther user profile includes 
username, user role, password, logon failure count, Logon failure 
limit, logon time-out limit, account expiration, password expiration, 

15 and password period / 

64. The method of claim 41 -/further comprising the step of 
performing one or more of Rivest, /Shamir and Adleman (RSA) public key 
encryption, DES, Triple-DES, DSA signature, SHA-1, and Pseudo-random 
number generation algorithms i/by each of the cryptographic devices. 

65. The method of/claim 41, further comprising the steps of 
supporting multiple concurrent operators and maintaining a separation 
of roles and operations performed by each operator. 

66. The mechod of claim 41, further comprising the steps of: 
storing information about a number of last transactions in 

a respective/ internal register of each of the one or more 
cryptograph/c devices; 
30 / storing a table including the information about a last 

transact/ion in the database; and 

/ comparing the information saved in the respective device 
with/the respective information saved in the database. 

35 / 



-93- 




39778/RRT/S850 

67. The method of claim 66, further comprising^Ehe step of 
loading a new transaction data if the respective^ififormation stored 
in the device compares . with the respective ijrformation stored in the 
database. 



68. The method of claim^l, wherein the secret is a password. 

69. The method/of claim 41, wherein the secret is a 
public/private ke^/^air . 

70. T^fe method of claim 41, wherein at least one of the 
plurality' of users is an enterprise account. 
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